Security for Everyone - Reviewing Comodo Internet Security 2011

Share on

We pick up the Security for Everyone series this week with the free Comodo Internet Security. Comodo entered into the security arena in 2001 with their personal secure email certificate. In 2005 Comodo added desktop security to their portfolio with their firewall product. In 2008 the Comodo Internet Security suite was introduced adding another option to the firewall, antivirus and antispyware space. How does this relative desktop security newcomer stack up?

First Impressions

The Comodo Internet Security installer weighs in at just under 60 MB. The install is pretty straight forward and doesn't introduce any toolbars or third party applications. The install gives you the opportunity to install both the firewall and antivirus product together, or separately. For this review both products were installed. A couple of other install questions include whether or not you'd like to join the ComodoThreatcast community and if you'd like to use their secure DNS servers. The install completes quickly, largely due to no initial scan being required, and does require a reboot.

After a reboot Comodo detects the network and gives you an opportunity to allow file and printer sharing or stop detecting networks all together. The system then encourages the initial scan. My initial scan took just under 45 minutes to complete and identified a couple of network troubleshooting utilities as suspicious, and rightfully so. Once the initial scan is complete there are no further configuration prompts or wizards to run through.

The summary screen displays plenty of useful information without over doing it. The balance of status, antivirus and network information gives one the impression that Comodo has the system well under control. The summary screen also does a nice job of showing which programs are requiring the most of your network traffic. This bit of knowledge coupled with the ability to easily stop all connections can go a long way toward making your grandmother feel like she has a bit of control too. Let's see if Comodo holds up beyond the summary screen.

Ease of Use and Configuration

As with most desktop security products, the real configuration begins once the first application or network access is blocked. The notification window displaying the alert and associated actions will often set the tone for how easy the application will be to work with. Most Comodo alerts include the option to allow, block or sandbox the application or network request prompting the alert. The notification window also provides the opportunity to create a system restore point or send the suspect file along to Comodo to be analyzed. The necessary option of remembering your response also exists. Along with the well crafted notification is a good explanation of why the alert is displayed. If your grandmother can be shown the importance of reading these system alerts the job of choosing the proper response becomes much easier.

Accessing the main areas of configuration is pretty simple with the tab style interface. Antivirus options are easy to understand and provide the ability to run a scan, update the antivirus database, schedule a scan (the default is weekly), define scanning profiles and change the virus scanner settings. The virus scanner allows for three types of real time scanning. On Access, Stateful and disabled. The default is stateful and claims to take less system resources since it only scans those files that have not been scanned since the last virus database update. It should also be noted that is also easy to add file or directory exclusions from the virus scanner settings.

The firewall common tasks and advanced settings present far more options and may be more than dear Grandma will want to bother with. Two needed common tasks that do exist are defining a new trusted application and defining a new blocked application. What is missing is the ability to edit those applications that may have been allowed and since thought less of. To change or remove one of these predefined rules it's necessary to access the advanced settings and select Network Security Policy. From here one is met with a list of rules and the ability to add, edit and remove. This interface could have been made less intimidating for the novice user considering the fact that wandering into it is almost unavoidable. Additional firewall tasks include Stealth Ports Wizard and easy access to active network connections.

The Defense+ settings are where things get meaty. Here one can define protected files against unauthorized modification, identify safe executables, protect registry keys and much more. Defense+ is also where the sandbox settings are defined. The sandbox is a feature that sets Comodo apart from some of its competitors. The ability to run a questionable application in a sandbox space is very nice. While this may not be an area Grandma would visit often, the prompts displayed when an application should possibly be sandboxed are well formed and, if nothing else, should prompt a call to her favorite geeky niece or nephew.

One aspect that I did not enjoy so much is the fact that Comodo Internet Security has poor UAC integration. For example, if you want to uninstall it, clicking on the uninstall shortcut won't work - it will return an error that you need to be administrator in order to remove it. To make it work, you have to right click on the shortcut and then select 'Run as administrator'. Definitely not helping the casual user such as grandma.

Firewall

The Comodo firewall settings offer very little for the novice user. This is rather unfortunate since the firewall is pretty locked down from the onset. This means there are plenty of alerts being displayed that require a response. The more this type of thing happens the less likely Grandma may be to read an alert and respond correctly, thus forcing the need to venture into the firewall settings which likely won't end well. Probably the most used functions of the firewall are accessible from right clicking the tray icon and adjusting the firewall security level.

The firewall does appear to do a pretty good job in its role of protector. Nmap scans displayed very little information and in some cases no information at all. The firewalls ability to learn the behavior of programs and executables also proved to be sufficient. It's important to mention that stopping and disabling the Comodo service was easily done. Upon reboot the service remained disabled with the summary status message noting the system was trying to start. The ease with which this was accomplished was surprising.

Another less positive aspect is the fact that Comodo Internet Security doesn't turn off the Windows Firewall when it gets installed. Therefore, you have to manually disable it yourself. Otherwise, you will end up with two firewalls being active.

Antivirus and antispyware features

The antivirus and antispyware features of Comodo do not measure up to most in the industry. I was not able to find any authoritative comparisons or tests to truly measure how effective the applications are. In my own test system I was able to download and execute a rogue Anti spyware application whose origins begin in 2009. This doesn't bode well. Comodo did identify and clean the executable after a reboot but by then the damage may have already been done and the previously mentioned ease around disabling the Comodo service does not lend much comfort.

Verdict

Comodo has a relatively strong background in internet related security. I believe this consistent direction means the desktop security suite will mature into an application to pit against competing products. The application does need to mature however. There needs to be formal testing done by reputable organizations to determine the effectiveness of the antivirus and antispyware offering. To the best of my knowledge Comodo has yet to release the results of its own antivirus testing.

Comodo is doing several things right in the interface like providing access to help text at just about every turn. The Defense+ has several compelling features that could do well to differentiate it. For the novice user though, the interface needs to be refined to bring focus to those basic functions that make or break a positive and secure experience. For the time being, this solution deserves only the 'BUY for Geeks!" award. If you want to try it out yourself, you can download it from here.

Comments

by Anonymouson 06/29/2010 - 13:50

i have found by testing just about all of the mentioned security suites at the end of your review that AVG internet security 9 is the best by far since i have had AVG protecting my computer there have been NO problems with viruses,malware or any thing else that could hurt this computer,i stick with the one that does the best job and thats AVG internet security 9.

I'm happy you've been able to settle on a security solution you are satisfied with. AVG certainly has its strong points, however it is important to continue to test any security solution. Complacency is a great ally to those wishing to manipulate our systems. Good luck!

While I respect that AVG can be useful in some instances, my personal and business experience (I am an IT professional) is that AVG has not been completely reliable in ensuring that systems do not become infected with viruses, trojans, etc.

For instance, scanning with AVG 9.x, just after performing a database update, no infections were found on a particular business machine. However, immediately afterwards I ran the Malwarebytes Anti-malware software and it quickly found four different infections (and removed them) that AVG obviously did not even find. The same scenario occurred with a home computer as well.

Thus, my experience is that Malwarebytes Anti-malware is more capable of finding and removing computer infections then AVG 9.x.

Ive used both and I think commodo is as god as AVG.
The things I dont prefer about commodo is the fact
that it is always stcking its 2 cents in when your
busy and it becomes annoying!Some people might
like this though because it does its job well.
The reason I dont use it is because it is a resource
hog.I have a kick butt pc but for those who dont
it can slow down your system by half!
Regards all,Bob

I find it deeply offensive that you assume "Grandma" to be the dumb one. I have found the opposite. I am a grandma who HELPS solve "Younger persons" PC problems. Get rid of the ageism and then we take you seriously!!

This whole thing is just a metaphor. You don't have to take it as an offense towards yourself or anybody else.

Buy for grandma - means recommended to everyone, including people not very familiar with computers.
We will try to think of some other way of recommending things to our readers, but keep the same meaning.

Probably someone, somewhere would be offended by the term "non-enthusiast computer user" but perhaps fewer would be offended by that term than "Grandma" even though both terms have the same meaning. To me, there are three categories of computer users; 1) The non-enthusiast user to whom the computer is nothing but a tool to use to perform certain tasks, 2) The enthusiast user who makes a hobby of their computers and studies them and takes pride in knowing the inner workings of the devices, and 3) The professional who makes it their job to know the computer - and the rest of the IT field - inside and out. Maybe the retired IT professional Grandmas of the world would like better to hear "non-enthusiast" to describe the level of competence of their more typical peers. This from a 69 year old Great Grandpa who fits somewhere in the lower half of the #2 category.

Your site is delightful and much appreciated ! A BIG Thank-You to all who have obviously worked so hard in contributing....You heip make my life a bit smoother!

I'm a grandmother who fits into Category #2 and I think your little "Grandmas" & "Geeks" is indeed catchy. I COMPLETELY agree with your 'Understand your point' response...up till the last sentence, then we part ways.

A wise old adage says:
You can please all of the people some of the time.
You can please some of the people all of the time.
But you can't please all of the people all of the time!

It doesn't seem to matter how inoffensive or politically correct one endeavors to be....there's ALWAYS gonna be SOMEONE bitching!

Don't be distracted from your purpose & intent by a few who choose to take offense over an imagined slight....Just keep on doing what you're doing. You make a difference. Thanks again.

Well I find it useful in some instances and the systems do not become infected with viruses, trojans, etc.But I have also used another called Athtek netwalk .The surface is more clear. Thus, my experience is it's better